[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feSpPaQKTQeq8lJDSxMbUTmIXCiQN2LwJmDT0PnJnPKc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":150,"fingerprints":302},"brozzme-add-plugins-thumbnails","Brozzme Plugins Thumbnails","1.4.5","Benoti","https:\u002F\u002Fprofiles.wordpress.org\u002Fbenoti\u002F","\u003Cp>Add thumbnail column to plugins displays thumbnails for WordPress plugins on the plugins list page, on admin (wp-admin\u002Fplugins.php).\u003Cbr \u002F>\nBrozzme Add Plugins Thumbnails would help to easily identify plugins. Add your own thumbnails for premiums or personal plugins.\u003Cbr \u002F>\nJust activate plugin to see thumbnail.\u003C\u002Fp>\n\u003Cp>Options\u003C\u002Fp>\n\u003Col>\n\u003Cli>Icon width and height\u003C\u002Fli>\n\u003Cli>Round icon\u003C\u002Fli>\n\u003Cli>Reset transients\u003C\u002Fli>\n\u003Cli>Transient expiration\u003C\u002Fli>\n\u003Cli>Add your special thumbnails\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Behaviour\u003C\u002Fp>\n\u003Cul>\n\u003Cli>thumbnail from wordpress.org repository\u003C\u002Fli>\n\u003Cli>thumbnail fallback with text, random colors or your own thubnails\u003C\u002Fli>\n\u003Cli>specials links to the thumbnails\u003C\u002Fli>\n\u003Cli>transients\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbrozzme.com\u002F\" title=\"Brozzme\" rel=\"nofollow ugc\">Benoti\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwww.wpserveur.net\u002F?refwps=221\" title=\"WPServeur WordPress Hosting\" rel=\"nofollow ugc\">WPServeur\u003C\u002Fa>.\u003C\u002Fp>\n","Add thumbnail column to plugins list table in the admin plugins page even they are not in the repository.",70,10091,100,3,"2021-10-28T15:14:00.000Z","5.8.13","4.7","5.6",[20,21,22,23,24],"add","admin","icon","list-table","thumbnails","https:\u002F\u002Fbrozzme.com\u002Fplugins-thumbnails\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbrozzme-add-plugins-thumbnails.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"benoti",11,10780,88,30,86,"2026-04-04T15:34:26.658Z",[41,62,87,112,132],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":55,"download_link":61,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"admin-columns-icons-addon","Admin Columns – Icons Add-on","1.1","Jesper van Engelen","https:\u002F\u002Fprofiles.wordpress.org\u002Fengelen\u002F","\u003Cp>Enhance your admin overview screens by displaying icons instead of text labels in the table header and footer.\u003C\u002Fp>\n\u003Cp>The Icons Add-on for Admin Columns adds functionality for displaying icons on the posts, users, media and comment overview screens, and any other screens Admin Columns Supports. It supports all column types that have a label! You can choose to select one of WordPress’ native \u003Ca href=\"https:\u002F\u002Fdeveloper.wordpress.org\u002Fresource\u002Fdashicons\u002F\" rel=\"nofollow ugc\">Dashicons\u003C\u002Fa>, upload a new icon image, select an icon from your media library and choose a custom URL to retrieve the icon from.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>This plugin is an add-on for \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcodepress-admin-columns\u002F\" rel=\"ugc\">Admin Columns\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n","Use icons instead of text labels in column headers on post, user, media and other admin pages. Extension for Admin Columns.",20,3102,1,"2016-08-21T20:04:00.000Z","4.5.33","3.5","",[57,21,58,59,60],"addon","admin-columns","columns","icons","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-columns-icons-addon.1.1.zip",{"slug":63,"name":64,"version":65,"author":66,"author_profile":67,"description":68,"short_description":69,"active_installs":70,"downloaded":71,"rating":72,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":17,"requires_php":76,"tags":77,"homepage":83,"download_link":84,"security_score":85,"vuln_count":14,"unpatched_count":28,"last_vuln_date":86,"fetched_at":30},"astra-widgets","Astra Widgets","1.2.17","Brainstorm Force","https:\u002F\u002Fprofiles.wordpress.org\u002Fbrainstormforce\u002F","\u003Ch4>The fastest way to add more widgets into your WordPress website.\u003C\u002Fh4>\n\u003Cp>How easy can things get when you can add widgets for particular information and fetch them anywhere on your website? This goes with the most wanted information like the business address, social profile links and list icons.\u003C\u002Fp>\n\u003Cp>The Astra Widget plugin lets you create widgets to add an address, a social profile widget and list icons that you can add into your header, sidebar, footer etc. on your website.\u003C\u002Fp>\n\u003Ch4>How does this work?\u003C\u002Fh4>\n\u003Cp>The Astra Widgets plugin can be installed like any other WordPress plugin. Once installed, you will find the following widgets listed under Appearance -> Widgets\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Astra : Address\u003C\u002Fli>\n\u003Cli>Astra : List Icons\u003C\u002Fli>\n\u003Cli>Astra : Social Profiles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You simply need to select the place you wish to add the widget in and then add the information in the specific fields. Save this and you are done!\u003C\u002Fp>\n\u003Ch4>WHY PEOPLE LOVE THE ASTRA THEME?\u003C\u002Fh4>\n\u003Cp>Astra is currently powering over 1+ million websites. The performance and ease of use it offers has made it the go-to theme for beginners as well as experts.\u003C\u002Fp>\n\u003Ch4>Here are a few reasons why they love Astra –\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Faster Performance\u003C\u002Fstrong> – Astra follows the best coding standards and is built with speed and performance in mind. It is the best WordPress theme that lets you build faster lading and better performing websites.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Easy Customization\u003C\u002Fstrong> – With an aim to keep it simple and easy, Astra gives you lots of options to customize everything with just a few clicks. Everything can be managed through the customizer itself!\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Compatibility with Page Builders\u003C\u002Fstrong> – Astra works seamlessly with all major page builders and therefore is opted as the best \u003Ca href=\"https:\u002F\u002Fwpastra.com\u002Ftheme-for-elementor\u002F?utm_source=wp-repo&utm_medium=astra_desc&utm_campaign=ast_widgets\" rel=\"nofollow ugc\">theme for Elementor\u003C\u002Fa>, Beaver Builder, Gutenberg, etc.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pixel Perfect Design\u003C\u002Fstrong> – Astra offers pixel-perfect FREE ready-to-use website demos within a huge library of starter sites. These can simply be imported, tweaked and used to reduce your overall design time.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Deeper Integrations\u003C\u002Fstrong> – Astra lets you create and beautify eCommerce websites and those that offer online courses in minutes. This is possible due to its in-depth integrations with all WooCommerce plugins, LifterLMS, LearnDash, etc.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Ready-to-use complete website demos\u003C\u002Fstrong> – Astra offers ready-made starter templates built with Elementor, Beaver Builder, Brizy and Gutenberg. You can import them using the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fastra-sites\u002F\" rel=\"ugc\">Starter Templates\u003C\u002Fa> plugin, tweak and go live in minutes!\u003C\u002Fp>\n","Quickest solution to add widgets like Address, Social Profiles and List icons on a website built with Astra.",200000,4538614,78,17,"2025-12-15T06:25:00.000Z","6.9.4","5.2",[78,79,80,81,82],"add-widget","address-widget","list-icon-widget","social-media","social-profile-widget","https:\u002F\u002Fwpastra.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fastra-widgets.1.2.17.zip",96,"2025-12-28 00:00:00",{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":97,"num_ratings":98,"last_updated":99,"tested_up_to":100,"requires_at_least":101,"requires_php":55,"tags":102,"homepage":107,"download_link":108,"security_score":109,"vuln_count":110,"unpatched_count":28,"last_vuln_date":111,"fetched_at":30},"all-in-one-favicon","All In One Favicon","4.8","Garrett Grimm","https:\u002F\u002Fprofiles.wordpress.org\u002Fgrimmdude\u002F","\u003Cp>\u003Ca href=\"https:\u002F\u002Fappsumo.com\u002Fsearch?tags=wordpress&utm_source=sumo&utm_medium=wp-widget&utm_campaign=all-in-one-favicon\" rel=\"nofollow ugc\">Check out the latest WordPress deals for your site.\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>All In One Favicon adds favicons to your site and your admin pages.\u003Cbr \u002F>\nYou can either use favicons you already uploaded or use the builtin upload mechanism to upload a favicon to your WordPress installation.\u003C\u002Fp>\n\u003Cp>All three favicon types are supported – .ico, .png and .gif (may be animated)\u003Cbr \u002F>\nAlso, Apple Touch Icons are supported.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Localization\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Bahasa Indonesia (\u003Ccode>id_ID\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fmovableid.com\u002F\" rel=\"nofollow ugc\">EKO\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Czech (\u003Ccode>cs_CZ\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.neteyes.cz\" rel=\"nofollow ugc\">Neteyes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Danish (\u003Ccode>da_DK\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwordpress.blogos.dk\u002F\" rel=\"nofollow ugc\">GeorgWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Dutch (\u003Ccode>nl_NL\u003C\u002Fcode>) by Pieter Carette\u003C\u002Fli>\n\u003Cli>English (\u003Ccode>en_EN\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.techotronic.de\u002F\" rel=\"nofollow ugc\">Arne Franken\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>French (\u003Ccode>fr_FR\u003C\u002Fcode>) by Christophe Guilloux\u003C\u002Fli>\n\u003Cli>German (\u003Ccode>de_DE\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.techotronic.de\u002F\" rel=\"nofollow ugc\">Arne Franken\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Hebrew (\u003Ccode>he_IL\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.atar4u.com\" rel=\"nofollow ugc\">Ahrale\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Italian (\u003Ccode>it_IT\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.valeriovendrame.it\u002F\" rel=\"nofollow ugc\">Valerio Vendrame\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Polish (\u003Ccode>pl_PL\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.facebook.com\u002Fpiniu69\u002F\" rel=\"nofollow ugc\">Piotr Czarnecki\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Portuguese (\u003Ccode>pt_PT\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.miguelpatricio.com\u002F\" rel=\"nofollow ugc\">Miguel Ângelo Patricio\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Serbian (\u003Ccode>sr_RS\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fdralvaro.com\u002F\" rel=\"nofollow ugc\">Balkanboy Media team\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Simplified Chinese (\u003Ccode>zh_CN\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fsparanoid.com\u002F\" rel=\"nofollow ugc\">Tunghsiao Liu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Spanish (\u003Ccode>es_ES\u003C\u002Fcode>) by Eddy Ernesto Ríos\u003C\u002Fli>\n\u003Cli>Slovak (\u003Ccode>sk_SK\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.brozman.sk\u002Fblog\" rel=\"nofollow ugc\">Viliam Brozman\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Swedish (\u003Ccode>sv_SE\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Fwww.theindiaexperience.se\u002F\" rel=\"nofollow ugc\">Christian Nilsson\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Turkish (\u003Ccode>tr_TR\u003C\u002Fcode>) by \u003Ca href=\"http:\u002F\u002Framerta.com\" rel=\"nofollow ugc\">Ömer Faruk Karabulut\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Is your native language missing?\u003Cbr \u002F>\nTranslating the plugin is easy if you understand english and are fluent in another language.\u003Cbr \u002F>\nI described in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fall-in-one-favicon\u002Ffaq\u002F\" rel=\"ugc\">FAQ\u003C\u002Fa> how the translation works.\u003C\u002Fp>\n","Easily add a Favicon to your site and the WordPress admin pages. Complete with upload functionality. Supports all three Favicon types (ico,png,gif).",70000,1495524,90,82,"2023-08-08T02:27:00.000Z","6.2.9","2.8",[21,103,104,105,106],"blog","favicon","image","theme","http:\u002F\u002Fwww.techotronic.de\u002Fplugins\u002Fall-in-one-favicon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fall-in-one-favicon.4.8.zip",84,2,"2023-02-23 00:00:00",{"slug":113,"name":114,"version":115,"author":116,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":97,"num_ratings":73,"last_updated":122,"tested_up_to":123,"requires_at_least":124,"requires_php":55,"tags":125,"homepage":130,"download_link":131,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"acf-qtranslate","ACF qTranslate","1.7.25","funkjedi","https:\u002F\u002Fprofiles.wordpress.org\u002Ffunkjedi\u002F","\u003Cp>This plugin provides qTranslate-X compatible ACF4 and ACF5PRO field types for Text, Text Area, WYSIWYG, Image and File. When adding a field to a field group these new field types will be listed under the qTranslate category in the Field Type dropdown.\u003C\u002Fp>\n\u003Ch4>Field Types\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>qTranslate Text (type text, api returns text)\u003C\u002Fli>\n\u003Cli>qTranslate Text Area (type text, api returns text)\u003C\u002Fli>\n\u003Cli>qTranslate WYSIWYG (a wordpress wysiwyg editor, api returns html)\u003C\u002Fli>\n\u003Cli>qTranslate Image (upload an image, api returns the url)\u003C\u002Fli>\n\u003Cli>qTranslate File (upload a file, api returns the url)\u003C\u002Fli>\n\u003Cli>qTranslate URL (type text, api returns text)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The standard Text, Text Area and WYSIWYG field types can also be enabled for translation.\u003C\u002Fp>\n\u003Ch4>Bug Submission\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Ffunkjedi\u002Facf-qtranslate\u002Fissues\u002F\u003C\u002Fp>\n","Provides qTranslate compatible ACF field types for Text, Text Area, WYSIWYG, Image and File.",9000,182887,"2018-10-26T03:31:00.000Z","4.9.29","3.5.0",[126,127,21,128,129],"acf","add-on","advanced-custom-fields","qtranslate","http:\u002F\u002Fgithub.com\u002Ffunkjedi\u002Facf-qtranslate","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-qtranslate.1.7.25.zip",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":142,"num_ratings":143,"last_updated":144,"tested_up_to":145,"requires_at_least":124,"requires_php":55,"tags":146,"homepage":148,"download_link":149,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"acf-typography-field","Advanced Custom Fields: Typography Field","3.2.3","Mujahid Ishtiaq","https:\u002F\u002Fprofiles.wordpress.org\u002Fmujahid158\u002F","\u003Cp>Typography field type for “Advanced Custom Fields” plugin that lets you add different text properties e.g. Font Size, Font Family, Font Color etc.\u003C\u002Fp>\n\u003Ch4>Supported Subfields\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Font Size\u003C\u002Fli>\n\u003Cli>Font Family\u003C\u002Fli>\n\u003Cli>Font Weight\u003C\u002Fli>\n\u003Cli>Font Style\u003C\u002Fli>\n\u003Cli>Font Variant\u003C\u002Fli>\n\u003Cli>Font Stretch\u003C\u002Fli>\n\u003Cli>Line Height\u003C\u002Fli>\n\u003Cli>Letter Spacing\u003C\u002Fli>\n\u003Cli>Text Align\u003C\u002Fli>\n\u003Cli>Text Color\u003C\u002Fli>\n\u003Cli>Text Decoration\u003C\u002Fli>\n\u003Cli>Text Transform\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Other Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Supports Google Fonts. The selected Google Fonts are automatically enqueued on front-end of posts\u002Fpages. Google Fonts also work with ACF Options.\u003C\u002Fli>\n\u003Cli>Supports Gutenberg Blocks created with ACF.\u003C\u002Fli>\n\u003Cli>Option to show\u002Fhide each subfield individually\u003C\u002Fli>\n\u003Cli>Option to make each subfield required individually\u003C\u002Fli>\n\u003Cli>Color Picker for Text Color subfield\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Documentation\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>\u002F\u002F Returns the value of a specific property\nget_typography_field( $selector, $property, [$post_id], [$format_value] );\n\n\u002F\u002F Displays the value of a specific property\nthe_typography_field( $selector, $property, [$post_id], [$format_value] );\n\n\u002F\u002F Returns the value of a specific property from a sub field.\nget_typography_sub_field( $selector, $property, [$format_value] );\n\n\u002F\u002F Displays the value of a specific property from a sub field.\nthe_typography_sub_field( $selector, $property, [$format_value] );\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Shortcode\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[acf_typography field=\"field-name\" property=\"font_size\" post_id=\"123\" format_value=\"1\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Github repository\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmujahidi\u002Facf-typography\" rel=\"nofollow ugc\">@mujahidi\u002Facf-typography\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Compatibility\u003C\u002Fh4>\n\u003Cp>This ACF field type is compatible with:\u003Cbr \u002F>\n* Free and paid versions of the ACF plugin\u003C\u002Fp>\n","A Typography Add-on for the Advanced Custom Fields Plugin.",3000,37830,92,5,"2024-03-06T16:22:00.000Z","6.4.8",[126,57,21,128,147],"typography","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Facf-typography-field","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Facf-typography-field.3.2.3.zip",{"attackSurface":151,"codeSignals":207,"taintFlows":287,"riskAssessment":288,"analyzedAt":301},{"hooks":152,"ajaxHandlers":203,"restRoutes":204,"shortcodes":205,"cronEvents":206,"entryPointCount":28,"unprotectedCount":28},[153,159,163,167,172,177,182,186,188,193,197,200],{"type":154,"name":155,"callback":156,"file":157,"line":158},"action","admin_enqueue_scripts","_add_settings_styles","brozzme_plugins_thumbnails.php",43,{"type":154,"name":160,"callback":161,"file":157,"line":162},"plugins_loaded","_load_textdomain",46,{"type":154,"name":164,"callback":165,"file":157,"line":166},"admin_head","_empty_thumb_style",72,{"type":168,"name":169,"callback":170,"file":157,"line":171},"filter","manage_plugins_columns","_columns_head",73,{"type":154,"name":173,"callback":174,"priority":175,"file":157,"line":176},"manage_plugins_custom_column","_thumbnail_column",10,74,{"type":154,"name":178,"callback":179,"file":180,"line":181},"admin_menu","add_admin_plugins_groupe_menu","includes\\brozzme_plugins_page.php",21,{"type":154,"name":183,"callback":184,"file":180,"line":185},"admin_footer_text","footer_credits",44,{"type":154,"name":160,"callback":161,"file":180,"line":187},48,{"type":154,"name":178,"callback":189,"priority":190,"file":191,"line":192},"add_admin_pages",110,"includes\\brozzme_plugins_thumbnails_settings.php",15,{"type":154,"name":194,"callback":195,"file":191,"line":196},"admin_init","settings_fields",16,{"type":154,"name":155,"callback":198,"file":191,"line":199},"enqueue_media_js",19,{"type":154,"name":201,"callback":202,"priority":175,"file":191,"line":49},"updated_option","_reset_saved_specials",[],[],[],[],{"dangerousFunctions":208,"sqlUsage":213,"outputEscaping":215,"fileOperations":28,"externalRequests":143,"nonceChecks":28,"capabilityChecks":51,"bundledLibraries":286},[209],{"fn":210,"file":180,"line":211,"context":212},"unserialize",329,"$body = unserialize($body['body']);",{"prepared":110,"raw":28,"locations":214},[],{"escaped":51,"rawEcho":216,"locations":217},36,[218,221,223,225,227,229,231,233,235,237,239,240,242,244,246,248,250,252,254,256,258,260,262,264,266,268,270,271,272,274,275,276,278,280,282,284],{"file":157,"line":219,"context":220},145,"raw output",{"file":157,"line":222,"context":220},279,{"file":157,"line":224,"context":220},282,{"file":157,"line":226,"context":220},285,{"file":157,"line":228,"context":220},306,{"file":157,"line":230,"context":220},315,{"file":157,"line":232,"context":220},316,{"file":157,"line":234,"context":220},318,{"file":157,"line":236,"context":220},322,{"file":157,"line":238,"context":220},334,{"file":157,"line":238,"context":220},{"file":180,"line":241,"context":220},134,{"file":180,"line":243,"context":220},136,{"file":180,"line":245,"context":220},142,{"file":180,"line":247,"context":220},147,{"file":180,"line":249,"context":220},149,{"file":180,"line":251,"context":220},157,{"file":180,"line":253,"context":220},163,{"file":180,"line":255,"context":220},168,{"file":180,"line":257,"context":220},186,{"file":180,"line":259,"context":220},193,{"file":191,"line":261,"context":220},296,{"file":191,"line":263,"context":220},428,{"file":191,"line":265,"context":220},439,{"file":191,"line":267,"context":220},450,{"file":191,"line":269,"context":220},453,{"file":191,"line":269,"context":220},{"file":191,"line":269,"context":220},{"file":191,"line":273,"context":220},454,{"file":191,"line":273,"context":220},{"file":191,"line":273,"context":220},{"file":191,"line":277,"context":220},455,{"file":191,"line":279,"context":220},470,{"file":191,"line":281,"context":220},499,{"file":191,"line":283,"context":220},507,{"file":191,"line":285,"context":220},579,[],[],{"summary":289,"deductions":290},"The plugin 'brozzme-add-plugins-thumbnails' v1.4.5 exhibits a mixed security posture.  On the positive side, it has a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events that are accessible to attackers. Furthermore, its SQL queries are all properly prepared, and it has no file operations or bundled libraries that could introduce vulnerabilities. The absence of known CVEs and a history of vulnerabilities is also a strong indicator of diligent development or a lack of targeting.\n\nHowever, several concerning code signals are present. The use of the `unserialize` function is a significant risk, as it can lead to Remote Code Execution if unsanitized user input is passed to it.  The low percentage of properly escaped output (3%) suggests a high likelihood of Cross-Site Scripting (XSS) vulnerabilities, especially given the absence of nonces for any potential entry points that might exist but aren't explicitly listed. The single capability check and lack of nonce checks on AJAX handlers (which are listed as zero, but the presence of the capability check suggests internal logic) point to potential privilege escalation or unauthorized actions if the `unserialize` function is ever triggered with malicious data.\n\nWhile the vulnerability history is clean, the presence of `unserialize` and poor output escaping are critical internal weaknesses that outweigh the lack of external history.  The plugin's strengths lie in its limited attack surface and secure SQL handling, but these are overshadowed by the significant risks posed by deserialization vulnerabilities and widespread XSS potential. Further investigation into how `unserialize` is used and ensuring all output is properly escaped is strongly recommended.",[291,293,296,299],{"reason":292,"points":192},"Use of unserialize function",{"reason":294,"points":295},"Low percentage of properly escaped output",8,{"reason":297,"points":298},"No nonce checks on potential entry points",7,{"reason":300,"points":143},"Only one capability check","2026-03-16T21:35:24.940Z",{"wat":303,"direct":312},{"assetPaths":304,"generatorPatterns":307,"scriptPaths":308,"versionParams":309},[305,306],"\u002Fwp-content\u002Fplugins\u002Fbrozzme-add-plugins-thumbnails\u002Fcss\u002Fbrozzme-admin-css.css","\u002Fwp-content\u002Fplugins\u002Fbrozzme-add-plugins-thumbnails\u002Fcss\u002Fstyle.css",[],[],[310,311],"\u002Fbrozzme-add-plugins-thumbnails\u002Fcss\u002Fbrozzme-admin-css.css?ver=","\u002Fbrozzme-add-plugins-thumbnails\u002Fcss\u002Fstyle.css?ver=",{"cssClasses":313,"htmlComments":319,"htmlAttributes":320,"restEndpoints":326,"jsGlobals":327,"shortcodeOutput":328},[314,315,316,317,318],"wps-ext-img","square-box","square-content","fl","fls",[],[321,322,323,324,325],"data-src","data-pluginName","data-pluginfl","data-pluginfls","data-color",[],[],[]]